Los Altos, Calif. – Dec. 19, 2016 – Contrast Security, the leader in next-generation application security, today announced that Contrast Protect now supports Microsoft .NET applications. Contrast Protect uses runtime application self-protection (RASP) technology to empower applications to automatically detect and fix vulnerabilities, identify attacks, and defend themselves. Microsoft .NET remains one of the top three enterprise application development environments. As a result, more enterprise applications can be self-protecting than ever before.
Web applications have become a rich target for attackers seeking ways to penetrate organizations’ networks. In fact, according to the 2016 Verizon Data Breach Investigations Report, attacks on web applications accounted for over 40 percent of incidents resulting in a data breach, and were the single biggest source of data loss. However, traditional network security tools lack the application understanding needed to accurately identify and block attacks on applications.
“Today, many businesses rely on legacy solutions that are difficult to manage, inaccurate, and do not fit in with modern software environments,” said Raphael Reich, Director of Product Marketing and Management at Contrast Security. “However, there is a rapidly emerging alternative: making applications self-protecting by infusing new security capabilities directly into the software. Self-protection has a significant advantage by being embedded inside the software itself, making it inherently accurate and scalable. Contrast is empowering a new era of self-protecting software with solutions like Contrast Protect for .NET environments.”
Key benefits of Contrast Protect include:
- Leading Protection: Contrast Protect includes attack blocking to stop custom attacks, CVE shields to block attacks on known vulnerabilities, bot blocking to prevent automated attacks, virtual patches to protect against custom attacks, and zero-touch logging to enhance the security logging of any application. This enables highly agile software by removing the need to “re-train” security defenses with every software release.
- Unprecedented Accuracy: Using an intelligent agent inside – as part of the application – allows Contrast Protect to have full visibility into running code, which makes the product uncannily accurate. Not only does Contrast eliminate false alarms but it also pinpoints risks in application code so developers can accelerate code fixes and resolve problems faster.
- Scalable Cloud Security: As applications move to the cloud and into containers, Contrast Protect is an ideal solution to ensure application security. No matter where applications are deployed or how they scale, Contrast Protect builds in security as part of the application itself.
- Proven Technology: Contrast’s patented deep security instrumentation technology has been used within almost 10,000 applications across a wide variety of operating systems, web servers, language platforms, application servers, frameworks, libraries, and custom coding styles.
- Unified Platform: Contrast eliminates security flaws in applications during development and protects them in production, all from a single platform, to provide a simple, single, centralized installation and management process.
Commonly used for in-house, enterprise-level deployments, the Microsoft .NET ecosystem is rich with existing libraries that provide developers with resources to build applications. Contrast Protect uses deep security instrumentation to gain insight into exactly how attacks behave. Now available for .NET, these applications are able to employ RASP to protect themselves by monitoring threats from within, with more accurate visibility and blocking. Contrast Protect is far more effective than legacy Web Application Firewalls (WAF), Intrusion Protection Systems (IPS) and Intrusion Detection Systems (IDS).
“When we instrumented applications at the UK's largest Government Department with Contrast Assess, it was like handing our project teams an incredibly powerful debugging agent containing the sum total of application security knowledge,” said Declan O'Riordan, Security Testing Manager, Testing IT, Ltd. “The next trick is the transition from resource-intensive IDS, IPS, Web Application Firewalls, and Security Operations Centers, to Runtime Application Self-Protection (RASP) with Contrast Protect. I'm delighted to see Contrast Protect is now extending coverage to .NET – and therefore C#, VB.NET, and J# code. As a hands-on manager of secure application development and testing, I'm looking forward to seeing Contrast technology eliminate the security bottleneck that has been delaying project deliveries and de-scoping important tests for decades.”
Contrast Protect is part of the Contrast technology platform, which also includes an interactive application security testing (IAST) solution that finds and fixes vulnerabilities during development and testing. Together, these two solutions make .NET applications self-protecting where they are vulnerable and defend themselves against attacks.
About Contrast Security
Contrast Security is the world’s leading provider of security technology that enables software applications to protect themselves against cyberattacks. More accurate and effective than outdated legacy security measures, Contrast Security is a completely new approach to application security – the world’s first comprehensive platform for protecting enterprise applications from within. Contrast’s patented deep security instrumentation is the breakthrough technology that enables highly accurate analysis and always-on protection of an entire application portfolio, without disruptive scanning or expensive security experts. Named a “Visionary” by Gartner, Contrast Protect is a Runtime Application Self-Protection (RASP) solution, the only “Transformational” tool in the entire category in the latest Gartner Hype Cycle Report. More information can be found at www.contrastsecurity.com or by following Contrast on Twitter at @ContrastSec.